Tinder Addresses Its Security Flaws and Will Now Encrypt Your Photos

Swipe in peace.

Tinder users might not know it but their pictures were not encrypted until recently, making them accessible by hackers. That potential privacy breach changed thanks to a letter from a US senator.

Back in January, cybersecurity firm Checkmarx posted on its blog a report of the vulnerabilities of Tinder. Responding to the report in February, Oregon Senator Ron Wyden wrote a letter to the app’s parent company, Match.com, about the security issue. Twitter user Matthew Green tweeted a letter from the company to Senator Wyden dated June 27, stating the Tinder app has been fully secured as of June 19.

So, um, this is pretty weird. Apparently Senator Wyden just got Tinder to properly encrypt your swipe data, so you can all get it on in private. pic.twitter.com/BniAVUi77Q

There were two vulnerabilities Checkmarx found with the Tinder app. The first was a big one allowing hackers on the same wifi network to monitor and even control what a Tinder user was doing on the app. Match.com dealt with this security issue on February 6, as stated in the letter.

A second issue, which was not as malicious as the first but still intrusive, was the observable differences between swipes and matches in Tinder. Specifically, a hacker could monitor the amount of data used by the app and figure out what a Tinder user was doing. Swiping right, swiping left, and finding a match had different data amounts making it easy to distinguish which action was taken. To fix this problem, Match.com wrote the various actions in the app have been padded in order make each action indistinguishable from one another.

With the Tinder app now fully secured, users can swipe away in hopes of finding true love, or just some hook-up, there’s no need to judge.

For those Tinder users who found themselves turned off by the app, there’s a new competitor about to jump in the dating app market. Facebook will soon release its feature equivalent to Tinder called Facebook Dating that will hopefully not cause another privacy mess like Cambridge Analytica.